2 Million Facebook, Gmail & Twitter Passwords Stolen

2 Million Facebook, Gmail & Twitter Passwords Stolen

Hackers have stolen usernames and passwords for nearly two million accounts at Facebook, Google, Twitter, Yahoo and others, according to a report released this week.
The massive data breach was a result of keylogging software maliciously installed on an untold number of computers around the world, researchers at cybersecurity firm Trustwave said. The virus was capturing log-in credentials for key websites over the past month and sending those usernames and passwords to a server controlled by the hackers.
(CNNMoney)

More Info:

Researchers discover database with 2M stolen login credentials – Cnet.com

Two million stolen Facebook, Twitter, Yahoo, ADP passwords found on Pony Botnet server – Zdnet.com

(Visited 21 times, 1 visits today)

25 thoughts on “2 Million Facebook, Gmail & Twitter Passwords Stolen

  1. The problem is from what I’ve seen the general public (or a large fraction at least) seem to think that security isn’t down to them but others e.g. the websites and the security suites.

    Using a security suite and not being security concious e.g. downloading every unknown attachment, visiting unknown sites etc. is like sleeping around with many people but using protection. There’s always going to be a risk. Until people can realise this, nothing will probably change.

  2. Here's a pretty extensive explanation of how to remove Nation Zoom, although if it was installed with other malware, it won't help you much: http://malwaretips.com/blogs/nation-zoom-removal/

    There are sites which will walk you through removal of malware once you post HiJackThis logs, if you have time and patience. Just search for them.

    My recommendation is to use an image backup system – as it can be very difficult and time consuming to remove malware. It only takes minutes to reload an image, but can take months to get everything back to the way you want it manually if you need to reformat and start over.

  3. To each their own, but I've found that free anti-virus programs such as Avast Free Edition work very well. Set an update and scan schedule which suits you, and pretty much forget about it. The problem with free anti-spyware programs is that they don't include "active protection", which means they only scan after the fact. Pay for active protection. I use and recommend Malwarebytes Pro. It's the best $25 you can spend for security, and that's a lifetime license. Then you can schedule updates and quick scans as well. I've been very happy with both products for several years now.

  4. Great advice. Run scans as often as you can. Spybot, Spyware Blaster and SuperAntiSpyware are all very good free options. I think the only difference between the paid version and the free version of Spybot is the paid version auto updates. I also use the onscreen keyboard when logging into inportant sites like banking, etc. I was told that this bypasses any keylogger spyware. I also use Norton and update it daily.

  5. Use a good anti-virus/spyware/malware security software like webroot secure any where and scan. Also stay away from suspicious websites and don’t open emails from people you don’t know.

  6. The best way to ensure a security breach like this is not effective against you is to routinely run Antivirus and Anti-spyware software scans on your computer. Most computers come with a trial of Norton 365 which is a form of Antivirus software. Ensure this software is fully up to date AND that you actually run scans on your system periodically. Also get some good Anti-spyware software and do the same thing as with your Antivirus software. For those without either software I highly recommend Kaspersky Antivirus and Spybot Search & Destroy Anti-Spyware. Kaspersky costs every year, but it's well worth it. Spybot has both a free and a paid version, although I'm unsure if the paid version is just a one time fee or an annual fee, to be honest.

    On top of the above, changing your passwords for sites routinely is another good practice. Don't let your browser save your password, as that is a central point of failure if a hacker gets access to your computer. Some common mistakes that people do with regard to passwords are to 1) use the same password for everything, 2) saving their passwords in document formats on their computer, and 3) using common words or things that could be easily guessed by anyone that knows anything about you.

  7. So is this keyloggers detectable with AV software? How do I know whether my accounts were among those in the database?

  8. actually, zuckerlyingpieceofcrapberg probably sold them the information so that then he could turn around and try to sell facebook users some piece of crap software to install on their computer which would give him control of your computer. I do not, nor will I ever, have a facebook account because of this criminal. people are idiots who trust creeps like zuckerlyingpieceofcrapberg.

    • @robert:

      Not sure which is funnier; your paranoia or incoherence.

      I’m not a fan of Facebook or Zuckerberg, but if the alternative is to belong to an exclusive elite of foaming the mouth, delusional conspiracy theorists I might start investing in Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *